# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
# or more contributor license agreements. Licensed under the Elastic License;
# you may not use this file except in compliance with the Elastic License.

input {
  metrics {
    collection_interval => <%= collection_interval %>
    collection_timeout_interval => <%= collection_timeout_interval %>
    extended_performance_collection => <%= extended_performance_collection? %>
    config_collection => <%= config_collection? %>
  }
}
output {
  elasticsearch_monitoring {
  <% if auth? %>
    user => "<%= user %>"
    password => "<%= password %>"
  <% end %>
  <% if api_key? %>
    api_key => "<%= api_key %>"
  <% end %>
  <% if cloud_id? %>
    cloud_id => "<%= cloud_id %>"
  <% else %>
    hosts => <%= es_hosts %>
  <% end %>
  <% if cloud_auth %>
    cloud_auth => "<%= cloud_auth %>"
  <% end %>
    data_stream => false
    bulk_path => "<%= monitoring_endpoint %>"
    manage_template => false
    document_type => "%{[@metadata][document_type]}"
    index => "<%= monitoring_index %>"
    sniffing => <%= sniffing %>
  <% if proxy? %>
    proxy => "<%= proxy %>"
  <% end %>
  <% if ssl_enabled? %>
    ssl_enabled => true
    <% if ssl_certificate_authorities %>
        ssl_certificate_authorities => "<%= ssl_certificate_authorities %>"
    <% end %>
    <% if ca_trusted_fingerprint %>
        ca_trusted_fingerprint => <%= ca_trusted_fingerprint.inspect %>
    <% end %>
    <% if ssl_truststore_path? %>
        ssl_truststore_path => "<%= ssl_truststore_path %>"
        ssl_truststore_password => "<%= ssl_truststore_password %>"
    <% end %>
    <% if ssl_keystore_path? %>
        ssl_keystore_path => "<%= ssl_keystore_path %>"
        ssl_keystore_password => "<%= ssl_keystore_password %>"
    <% end %>
    <% if ssl_certificate? %>
        ssl_certificate => "<%= ssl_certificate %>"
        ssl_key => "<%= ssl_key %>"
    <% end %>
    <% if ssl_cipher_suites %>
        ssl_cipher_suites => <%= ssl_cipher_suites %>
    <% end %>
    ssl_verification_mode => <%= ssl_verification_mode %>
  <% else %>
    # In the case where the user does not want SSL we don't set ssl => false
    # the reason being that the user can still turn ssl on by using https in their URL
    # This causes the ES output to throw an error due to conflicting messages
  <% end %>
    # Since this config is generated by Logstash and cannot be directly
    # controlled by the user, we include a product origin header
    custom_headers => { "x-elastic-product-origin" => "logstash" }
  }
}
